Your security stack looks fine from the dashboard and that’s the problem
One in five enterprise endpoints is operating outside a protected and enforceable state on any given day, according to device telemetry collected across tens of millions of …
32% of top-exploited vulnerabilities are over a decade old
Exploitation timelines continued to compress in enterprise environments, with newly disclosed flaws reaching active use almost immediately and older weaknesses remaining …
Attackers are handing off access in 22 seconds, Mandiant finds
Exploits remain the leading entry point for attackers for the sixth consecutive year, according to Mandiant’s M-Trends 2026 report, which draws on more than 500,000 …
The devices winning the race to get hacked in 2026
Enterprise networks keep adding connected devices, expanding the attack surface as threat actors target a wider range of systems, many of which are difficult to inventory, …
Your APIs are under siege, and attackers are just getting warmed up
Internet-facing systems are handling sustained levels of malicious traffic across APIs, web applications, and DDoS channels. Akamai’s State of the Internet security report …
Cybercriminals scale up, government sector hit hardest
Government agencies faced the highest volume of cyberattack campaigns in 2025, according to new findings from HPE Threat Labs, which tracked 1,186 active campaigns over the …
Global fraud losses climb to $442 billion
Online fraud is reaching more victims and generating larger losses, driven by digital tools and organized networks operating across borders. Global trends in financial fraud …
AI coding agents keep repeating decade-old security mistakes
Coding agents are now writing production features on real development teams, and a new report from DryRun Security shows that those agents introduce security vulnerabilities …
Agentic attack chains advance as infostealers flood criminal markets
Cybercriminals spent much of 2025 automating their operations, shifting from one-off attacks to systems that can run entire intrusion cycles with minimal human input. Data …
Wireless vulnerabilities are doubling every few years
Wireless vulnerabilities are being disclosed at a rate that has no precedent in the fifteen-year history of systematic tracking. In 2025, researchers published 937 new …
Software vulnerabilities push credential abuse aside in cloud intrusions
Cloud intrusions are unfolding on shorter timelines, with attackers leaning more on unpatched software and compromised identities. H2 2025 distribution of initial access …
The people behind cyber extortion are often in their forties
Many cybercrime investigations end with arrests or indictments that reveal little about the people behind the operations. When authorities do disclose demographic details, the …
Featured news
Resources
Don't miss
- LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks
- Training an AI agent to attack LLM applications like a real adversary
- You don’t have to choose between BAS or automated pentesting, you shouldn’t
- Why your phishing simulations aren’t building a security culture
- Your security stack looks fine from the dashboard and that’s the problem